The IEEE 802.11 standard is becoming the most popular and efficient network topology deployed today. Providing and ensuring the security of wireless network is essential part to its continuous growth. Goals such as confidentiality and trust imply that every data transmitted by each user stays known only to the communicating parties. Authorization of users is also a very important aspect of network integrity. There exist mechanisms defined by the Wi-Fi Protected Access (WPA) protocol that enable such functionality; however, recent attacks on such system showed that these mechanisms can be defied. In this thesis, we propose two new schemes. The first employs a neural network decision engine that restricts network access to mobile nodes whose phyiscal location is within a threshold distance from the wireless access point or the controller of the network. This method gives an extra layer of security and allows enforcing policies by which network access is only allowed from a certain section of the network. The second tackles the disassociation packet security flaw by which a malicious attacker can disconnect all network users by injecting two or more false management frames into the network. Our scheme proposes the use of digital signatures as a mean to ensure the authenticity, integrity and validity of these frames.

Performance evaluation results showed that our Neural Network scheme has a 95% accuracy rate which is higher than existing schemes in this field. In addition, evaluation of the Counter Disassociation Mechanism (CDM) scheme showed that a higher security enhancement is feasible without introducing a big overhead by using MD5-RSA as the digital signature alogrithm.